Skip to content

Tools

  • KeyStore Explorer - You can take advantage of the KeyStore Explorer utility to provide a simple user interface to create signing requests (CSR) and import CA-signed certificates into Host Access for the Cloud.

  • To launch KeyStore Explorer on Windows - run \HACloud\utilities\keystore-explorer.bat as an administrator or with administrative rights.

  • To launch KeyStore Explorer on UNIX - run hacloud\utilities\keystore-explorer.sh as an administrator or with administrative rights.

The utility has an online Help system available to walk you through the user interface.

  • Java Keytool - The Java Key and Certificate Management Tool manages a keystore of cryptographic keys, X.509 certificate chains, and trusted certificates. It uses a command line interface. The Java Key and Certificate Management Tool documentation is available for both Unix and Windows platforms:

  • Entropy and encryption - Entropy is the randomness collected by an operating system for use in cryptography. This randomness is often collected from hardware sources, like mouse movements. A lack of entropy can have a negative impact on performance and security and will be more apparent in headless server-based installations.

    Solutions to improve entropy generation:

    • Keytool parameter – to change how entropy is generated, add an additional parameter to the linux keytool command line. -J-Djava.security.egd=file:/dev/urandom

    • Haveged tool – this is a tool to help remedy low-entropy conditions in the Linux random device, which can occur under some workloads, and especially on headless servers. See https://wiki.archlinux.org/index.php/Haveged for information on this tool.